Internal SCAN issue with arcotjsclient_jso.js - Header Manipulation - Cookies
search cancel

Internal SCAN issue with arcotjsclient_jso.js - Header Manipulation - Cookies

book

Article ID: 247625

calendar_today

Updated On:

Products

CA Strong Authentication

Issue/Introduction

We scanned the script using Fortify and errors with category: Header Manipulation: Cookies and they are pointing to this code inside remove method implementation:
document.cookie=a+"=;expires="+b.toGMTString();document.cookie=a+"=;expires="+b.toGMTString()+"; path=/";

Environment

Release : 9.1

Component : AuthMinder(Arcot WebFort)

Resolution

Our recommendation is to apply the patch DE537482_hotfix (arcotjsclient_jso.js) to resolve this issue.